|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Objective-C) Validate a JWS Using ECDSA P-256 SHA-256Validates a JSON Web Signature (JWS) that uses ECDSA P-256 SHA-256 Note: This example requires Chilkat v11.0.0 or greater.
#import <CkoStringBuilder.h> #import <CkoPublicKey.h> #import <CkoJws.h> #import <CkoJsonObject.h> BOOL success = NO; // This requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // This example takes a JSON signature in compact serialization format, // and uses an ECDSA public key to validate and recover the protected header and payload. // We only need a public key for signature validation. This is the ECDSA public key // that is used: // {"kty":"EC", // "crv":"P-256", // "x":"f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU", // "y":"x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0" // } CkoStringBuilder *sbPubKey = [[CkoStringBuilder alloc] init]; [sbPubKey Append: @"{\"kty\":\"EC\","]; [sbPubKey Append: @"\"crv\":\"P-256\","]; [sbPubKey Append: @"\"x\":\"f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU\","]; [sbPubKey Append: @"\"y\":\"x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0\""]; [sbPubKey Append: @"}"]; CkoPublicKey *pubKey = [[CkoPublicKey alloc] init]; success = [pubKey LoadFromString: [sbPubKey GetAsString]]; if (success == NO) { NSLog(@"%@",pubKey.LastErrorText); return; } CkoJws *jws = [[CkoJws alloc] init]; // Set the ECC public key: int signatureIndex = 0; [jws SetPublicKey: [NSNumber numberWithInt: signatureIndex] pubKey: pubKey]; // Load the JWS. CkoStringBuilder *sbJws = [[CkoStringBuilder alloc] init]; [sbJws Append: @"eyJhbGciOiJFUzI1NiJ9"]; [sbJws Append: @"."]; [sbJws Append: @"eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt"]; [sbJws Append: @"cGxlLmNvbS9pc19yb290Ijp0cnVlfQ"]; [sbJws Append: @"."]; [sbJws Append: @"DtEhU3ljbEg8L38VWAfUAqOyKAM6-Xx-F4GawxaepmXFCgfTjDxw5djxLa8ISlSA"]; [sbJws Append: @"pmWQxfKTUJqPP3-Kg6NU1Q"]; success = [jws LoadJwsSb: sbJws]; if (success == NO) { NSLog(@"%@",jws.LastErrorText); return; } // Validate the 1st (and only) signature at index 0.. int v = [[jws Validate: [NSNumber numberWithInt: signatureIndex]] intValue]; if (v < 0) { // Perhaps Chilkat was not unlocked or the trial expired.. NSLog(@"%@",@"Method call failed for some other reason."); NSLog(@"%@",jws.LastErrorText); return; } if (v == 0) { NSLog(@"%@",@"Invalid signature. The ECC key was incorrect, the JWS was invalid, or both."); return; } // If we get here, the signature was validated.. NSLog(@"%@",@"Signature validated."); NSLog(@"%@",@"--"); // Recover the original content: NSLog(@"%@",@"Recovered content:"); NSLog(@"%@",[jws GetPayload: @"utf-8"]); NSLog(@"%@",@"--"); // Examine the protected header: CkoJsonObject *joseHeader = [[CkoJsonObject alloc] init]; success = [jws GetProtectedH: [NSNumber numberWithInt: signatureIndex] json: joseHeader]; if (success == NO) { NSLog(@"%@",jws.LastErrorText); return; } joseHeader.EmitCompact = NO; NSLog(@"%@",@"Protected (JOSE) header:"); NSLog(@"%@",[joseHeader Emit]); // Output: // Signature validated. // -- // Recovered content: // {"iss":"joe", // "exp":1300819380, // "http://example.com/is_root":true} // -- // Protected (JOSE) header: // { // "alg": "ES256" // } |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.